The Syrian Electronic Army has added Financial Times (FT) to its collection of hijacked accounts of reputable media organizations. It appears that hackers have stolen the usernames and passwords from the staff at Financial Times, gaining access to the newspaper’s social media accounts.
Earlier this month, the Syrian Electronic Army posted unauthorized blog entries and Tweets (on Twitter). They also published the email address and password of an FT staff member who accidentally chose a rather inappropriate password.
Hacking such a prestigious target will not be disregarded. FT’s Security Team leapt into action, sending prompt warnings to readers, and immediately deleted offending messages.
In the past few weeks, the Syrian Electronic Army hacked the online accounts of The Guardian, NPR, CBS, and the BBC with flawless ease. This prompted Twitter to warn news and media organizations about the recent attacks, providing advice on security and defensive measures.
The current system Twitter follows poses a unique problem when it comes to hackers. Twitter insists that every Twitter account must be connected to one username/password only. This is different from the way Facebook currently works—where individual users choose from an assortment of rights regarding the management and administration of their online presence. This, plus Facebook’s two-factor authentication (login approvals on Facebook) combine to provide a high level of security.
The approach that Twitter has taken requires media agencies to share Twitter passwords with their staff worldwide; so these agencies can only hope that they don’t get hacked or have their credentials phished.
If Twitter introduced a way for firms to give staff members separate logins for the same account, it would greatly increase its security; especially if they could utilize the two-factor authentication that Facebook uses.
Media companies must continually train their staff to be suspicious of any unsolicited emails; and to always be wary of unknown links. After all, the blame for the Syrian Electronic Army’s success can’t fall entirely on Twitter. In the end, it was the media organization’s staff who made the mistake.
Do you have questions about your technology security? Call Cohn Consulting Corporation today and ask us about our Cohn Care Platinum managed services program. We ensure your business remains efficient, secured and in constant communications with your clients.
“[Your] professionalism in dealing with this situation at the Zero hour is definitely a rarity. Your team’s response was to take on a project that you had no prior knowledge of other than a customer was in a tight spot and needed assistance.”